diff options
| author | Florian Weimer <fweimer@redhat.com> | 2017-06-19 18:31:27 +0200 |
|---|---|---|
| committer | Florian Weimer <fweimer@redhat.com> | 2017-06-19 18:31:27 +0200 |
| commit | 3c7cd21290cabdadd72984fb69bc51e64ff1002d (patch) | |
| tree | 369ca5ccaba967fb332bac482ae3be53c404d5ac /ChangeLog | |
| parent | f92b1025980a939645b1ec7e550411a05ac7c76f (diff) | |
| download | glibc-3c7cd21290cabdadd72984fb69bc51e64ff1002d.tar.gz glibc-3c7cd21290cabdadd72984fb69bc51e64ff1002d.tar.xz glibc-3c7cd21290cabdadd72984fb69bc51e64ff1002d.zip | |
CVE-2017-1000366: Ignore LD_LIBRARY_PATH for AT_SECURE=1 programs [BZ #21624]
LD_LIBRARY_PATH can only be used to reorder system search paths, which is not useful functionality. This makes an exploitable unbounded alloca in _dl_init_paths unreachable for AT_SECURE=1 programs. (cherry picked from commit f6110a8fee2ca36f8e2d2abecf3cba9fa7b8ea7d)
Diffstat (limited to 'ChangeLog')
| -rw-r--r-- | ChangeLog | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/ChangeLog b/ChangeLog index d44aff0a36..14ff8b8bb3 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,10 @@ +2017-06-19 Florian Weimer <fweimer@redhat.com> + + [BZ #21624] + CVE-2017-1000366 + * elf/rtld.c (process_envvars): Ignore LD_LIBRARY_PATH for + __libc_enable_secure. + 2017-05-12 Florian Weimer <fweimer@redhat.com> [BZ #21386] |